package app

import (
	"net/http"
	"log"
	"fmt"
	"html/template"
	"strconv"
	"gopkg.in/ldap.v2"
	"encoding/json"
)

//用户管理首页
func (G *Global) LdapUser(w http.ResponseWriter, r *http.Request) {
	G.Ldap.Config = G.Config.LdapConfig()
	if ldap_port, Err := strconv.Atoi(G.Ldap.Config["ldap_port"]); Err == nil {
		ldap_concatenon, Err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", G.Ldap.Config["ldap_addr"], ldap_port))
		if Err != nil {
			log.Println(Err)
			fmt.Fprint(w, "LDAP服务器连接失败!")
			return
		} else {
			if Err := ldap_concatenon.Bind(G.Ldap.Config["ldap_username"], G.Ldap.Config["ldap_password"]); Err != nil {
				log.Println(Err)
				fmt.Fprint(w, "LDAP用户密码验证失败，请检查配置文件!")
				return
			} else {
				G.Ldap.Conn = *ldap_concatenon
			}
		}

		defer ldap_concatenon.Close()
	} else {
		log.Println(Err)
		fmt.Fprint(w, "LDAP端口号配置错误!")
		return
	}

	ObjectClass := "(&(objectClass=shadowAccount)(objectClass=ldapPublicKey))"
	Attributes := []string{"displayName", "mobile", "uid", "mail", "loginShell", "gidNumber", "uidNumber", "givenName", "sn", "sshPublicKey"}

	LdapUserAll := make([]map[string]string, 0)
	if Info, Err := G.Ldap.Search(G.Ldap.Config["ldap_user_dn"], ObjectClass, Attributes); Err == nil {
		for _, entry := range Info {
			vmap := make(map[string]string)
			if entry.GetAttributeValue("mail") != "" {
				vmap["uidNumber"] = entry.GetAttributeValue("uidNumber")
				vmap["uid"] = entry.GetAttributeValue("uid")
				vmap["loginShell"] = entry.GetAttributeValue("loginShell")
				vmap["gidNumber"] = entry.GetAttributeValue("gidNumber")
				vmap["mobile"] = entry.GetAttributeValue("mobile")
				vmap["mail"] = entry.GetAttributeValue("mail")
				vmap["displayName"] = entry.GetAttributeValue("displayName")
				vmap["givenName"] = entry.GetAttributeValue("givenName")
				vmap["sn"] = entry.GetAttributeValue("sn")
				vmap["sshPublicKey"] = entry.GetAttributeValue("sshPublicKey")
				LdapUserAll = append(LdapUserAll, vmap)
			}
		}
	} else {
		log.Println(Err.Error())
		G.Info = make(map[string]string)
		G.Info["url"] = "/"
		G.Info["message"] = "系统错误"
		http.Redirect(w, r, "/error", http.StatusFound)
		return
	}
	LdapGroupAll := make([]map[string]string, 0)
	GroupObjectClass := "(&(objectClass=posixGroup)(objectClass=top))"
	GroupAttributes := []string{"description", "cn", "gidNumber"}
	if Info, Err := G.Ldap.Search(G.Ldap.Config["ldap_group_dn"], GroupObjectClass, GroupAttributes); Err == nil {
		for _, entry := range Info {
			vmap := make(map[string]string)

			vmap["description"] = entry.GetAttributeValue("description")
			vmap["cn"] = entry.GetAttributeValue("cn")
			vmap["gidNumber"] = entry.GetAttributeValue("gidNumber")
			LdapGroupAll = append(LdapGroupAll, vmap)
		}
	} else {
		log.Println(Err.Error())
		G.Info = make(map[string]string)
		G.Info["url"] = "/"
		G.Info["message"] = "系统错误"
		http.Redirect(w, r, "/error", http.StatusFound)
		return
	}
	HostAll, Err := G.SelectAll("select id from hosts")
	if Err != nil {
		log.Println(Err.Error())
		G.Info = make(map[string]string)
		G.Info["url"] = "/"
		G.Info["message"] = "系统错误:"+Err.Error()
		http.Redirect(w, r, "/error", http.StatusFound)
		return
	}

	VpNListAll, Err := G.SelectAll("select vpn_name,vpn_labelling from vpn_list")
	if Err != nil {
		log.Println(Err.Error())
		G.Info = make(map[string]string)
		G.Info["url"] = "/"
		G.Info["message"] = "系统错误:"+Err.Error()
		http.Redirect(w, r, "/error", http.StatusFound)
		return
	}

	out := map[string]interface{}{"Global": G, "LdapUserAll": LdapUserAll, "LdapGroupAll": LdapGroupAll, "HostAll": HostAll,"VpNListAll":VpNListAll}
	t, template_err := template.ParseFiles("templates/ldap/user.html", "templates/common/head.html", "templates/common/foot.html")
	if template_err != nil {
		log.Println(template_err.Error())
		fmt.Fprintf(w, template_err.Error())
	} else {
		t.Execute(w, out)
	}
}

//添加用户
func (G *Global) LdapUserAdd(w http.ResponseWriter, r *http.Request) {
	if r.Method == "GET" {
		http.Redirect(w, r, "/ldap/user", http.StatusFound)
	}
	if r.Method == "POST" {
		G.Ldap.Config = G.Config.LdapConfig()
		if ldap_port, Err := strconv.Atoi(G.Ldap.Config["ldap_port"]); Err == nil {
			ldap_concatenon, Err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", G.Ldap.Config["ldap_addr"], ldap_port))
			if Err != nil {
				log.Println(Err)
				fmt.Fprint(w, Get_Json("Ldap服务器连接失败!"))
				return
			} else {
				if Err := ldap_concatenon.Bind(G.Ldap.Config["ldap_username"], G.Ldap.Config["ldap_password"]); Err != nil {
					log.Println(Err)
					fmt.Fprint(w, Get_Json("Ldap用户密码验证失败!"))
					return
				} else {
					G.Ldap.Conn = *ldap_concatenon
				}
			}

			defer ldap_concatenon.Close()
		} else {
			log.Println(Err)
			fmt.Fprint(w, Get_Json("Ldap配置错误!"))
			return
		}
		password := G.RandStr(10)
		if Err := G.Ldap.LdapUserADD(
			r.PostFormValue("givenName"),
			r.PostFormValue("sn"),
			r.PostFormValue("uid"),
			r.PostFormValue("gidNumber"),
			r.PostFormValue("mobile"),
			r.PostFormValue("mail"),
			G.GetUnixNano(), password); Err == nil {
			body := "<div><a>你的账号:" + r.PostFormValue("uid") + "</a></div><div><a>密码:" + password + "</a></div>如需修改密码请登录http://172.16.50.106:8080/进行修改"
			//发送邮件
			if Err := G.EMAIL(r.PostFormValue("mail"), "个人账号密码通知", body); Err == nil {
				fmt.Fprint(w, Get_Json("Success"))
			} else {
				log.Println(Err.Error())
				fmt.Fprint(w, Get_Json("发送邮件失败，请检查邮件配置!"))
			}
		} else {
			log.Println(Err.Error())
			fmt.Fprint(w, Get_Json("添加失败!"))
		}
	}
}

//删除用户
func (G *Global) LdapUserDel(w http.ResponseWriter, r *http.Request) {
	if r.Method == "GET" {
		http.Redirect(w, r, "/ldap/user", http.StatusFound)
	}
	if r.Method == "POST" {
		G.Ldap.Config = G.Config.LdapConfig()
		if ldap_port, Err := strconv.Atoi(G.Ldap.Config["ldap_port"]); Err == nil {
			ldap_concatenon, Err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", G.Ldap.Config["ldap_addr"], ldap_port))
			if Err != nil {
				log.Println(Err)
				fmt.Fprint(w, Get_Json("Ldap服务器连接失败!"))
				return
			} else {
				if Err := ldap_concatenon.Bind(G.Ldap.Config["ldap_username"], G.Ldap.Config["ldap_password"]); Err != nil {
					log.Println(Err)
					fmt.Fprint(w, Get_Json("Ldap用户密码验证失败!"))
					return
				} else {
					G.Ldap.Conn = *ldap_concatenon
				}
			}

			defer ldap_concatenon.Close()
		} else {
			log.Println(Err)
			fmt.Fprint(w, Get_Json("Ldap配置错误!"))
			return
		}
		if Err := G.Ldap.Del("uid=" + r.PostFormValue("uid") + "," + G.Ldap.Config["ldap_user_dn"]); Err == nil {
			fmt.Fprint(w, Get_Json("Success"))
		} else {
			log.Println(Err.Error())
			fmt.Fprint(w, Get_Json("删除失败!"))
		}
	}
}

//编辑用户
func (G *Global) LdapUserEdit(w http.ResponseWriter, r *http.Request) {
	if r.Method == "GET" {
		http.Redirect(w, r, "/ldap/user", http.StatusFound)
	}
	if r.Method == "POST" {

		G.Ldap.Config = G.Config.LdapConfig()
		if ldap_port, Err := strconv.Atoi(G.Ldap.Config["ldap_port"]); Err == nil {
			ldap_concatenon, Err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", G.Ldap.Config["ldap_addr"], ldap_port))
			if Err != nil {
				log.Println(Err)
				fmt.Fprint(w, Get_Json("Ldap服务器连接失败!"))
				return
			} else {
				if Err := ldap_concatenon.Bind(G.Ldap.Config["ldap_username"], G.Ldap.Config["ldap_password"]); Err != nil {
					log.Println(Err)
					fmt.Fprint(w, Get_Json("Ldap用户密码验证失败!"))
					return
				} else {
					G.Ldap.Conn = *ldap_concatenon
				}
			}

			defer ldap_concatenon.Close()
		} else {
			log.Println(Err)
			fmt.Fprint(w, Get_Json("Ldap配置错误!"))
			return
		}
		DN := "uid=" + r.PostFormValue("uid") + "," + G.Ldap.Config["ldap_user_dn"]
		givenName_Err := G.Ldap.ModifAttrtype(DN, "givenName", r.PostFormValue("givenName"))

		if gidNumber := r.PostFormValue("gidNumber"); gidNumber != "" {
			G.Ldap.ModifAttrtype(DN, "gidNumber", r.PostFormValue("gidNumber"))
		}
		sn_Err := G.Ldap.ModifAttrtype(DN, "sn", r.PostFormValue("sn"))
		mobile_Err := G.Ldap.ModifAttrtype(DN, "mobile", r.PostFormValue("mobile"))
		mail_Err := G.Ldap.ModifAttrtype(DN, "mail", r.PostFormValue("mail"))
		displayName_Err := G.Ldap.ModifAttrtype(DN, "displayName", r.PostFormValue("givenName")+r.PostFormValue("sn"))
		if givenName_Err == nil && sn_Err == nil && mobile_Err == nil && mail_Err == nil && displayName_Err == nil {
			fmt.Fprint(w, Get_Json("Success"))
		} else {
			log.Println(givenName_Err, sn_Err, mobile_Err, mail_Err, displayName_Err)
			fmt.Fprint(w, Get_Json("编辑失败!"))
		}
	}
}

//重置密码
func (G *Global) ResePasswd(w http.ResponseWriter, r *http.Request) {
	if r.Method == "GET" {
		http.Redirect(w, r, "/ldap/user", http.StatusFound)
	}
	if r.Method == "POST" {
		G.Ldap.Config = G.Config.LdapConfig()
		if ldap_port, Err := strconv.Atoi(G.Ldap.Config["ldap_port"]); Err == nil {
			ldap_concatenon, Err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", G.Ldap.Config["ldap_addr"], ldap_port))
			if Err != nil {
				log.Println(Err)
				fmt.Fprint(w, Get_Json("Ldap服务器连接失败!"))
				return
			} else {
				if Err := ldap_concatenon.Bind(G.Ldap.Config["ldap_username"], G.Ldap.Config["ldap_password"]); Err != nil {
					log.Println(Err)
					fmt.Fprint(w, Get_Json("Ldap用户密码验证失败!"))
					return
				} else {
					G.Ldap.Conn = *ldap_concatenon
				}
			}

			defer ldap_concatenon.Close()
		} else {
			log.Println(Err)
			fmt.Fprint(w, Get_Json("Ldap配置错误!"))
			return
		}
		uid := r.PostFormValue("uid")
		password := G.RandStr(10)
		if Err := G.Ldap.ResePasswd(uid, password, G.GetUnixNano()); Err == nil {
			body := "<div><a>你的账号:" + uid + "</a></div><div><a>新密码:" + password + "</a></div>如需修改密码请登录********************进行修改" //邮件主题
			if Err := G.EMAIL(r.PostFormValue("mail"), "个人账号重置密码通知", body); Err == nil {
				fmt.Fprint(w, Get_Json("重置密码成功!"))
			} else {
				log.Println(Err.Error())
				fmt.Fprint(w, Get_Json("发送邮件失败，请检查邮件配置!"))
			}
		}
	}
}

//SSHKEY管理
func (G *Global) LdapUserSshKeyEdit(w http.ResponseWriter, r *http.Request) {
	if r.Method == "GET" {
		http.Redirect(w, r, "/ldap/group", http.StatusFound)
	}
	if r.Method == "POST" {
		G.Ldap.Config = G.Config.LdapConfig()
		if ldap_port, Err := strconv.Atoi(G.Ldap.Config["ldap_port"]); Err == nil {
			ldap_concatenon, Err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", G.Ldap.Config["ldap_addr"], ldap_port))
			if Err != nil {
				log.Println(Err)
				fmt.Fprint(w, Get_Json("Ldap服务器连接失败!"))
				return
			} else {
				if Err := ldap_concatenon.Bind(G.Ldap.Config["ldap_username"], G.Ldap.Config["ldap_password"]); Err != nil {
					log.Println(Err)
					fmt.Fprint(w, Get_Json("Ldap用户密码验证失败!"))
					return
				} else {
					G.Ldap.Conn = *ldap_concatenon
				}
			}

			defer ldap_concatenon.Close()
		} else {
			log.Println(Err)
			fmt.Fprint(w, Get_Json("Ldap配置错误!"))
			return
		}
		DN := "uid=" + r.PostFormValue("uid") + "," + G.Ldap.Config["ldap_user_dn"]
		if Err := G.Ldap.ModifAttrtype(DN, "sshPublicKey", r.PostFormValue("sshPublicKey")); Err == nil {
			fmt.Fprint(w, Get_Json("编辑成功!"))
		} else {
			log.Println(Err)
			fmt.Fprint(w, Get_Json("编辑失败!"))
		}
	}
}

//主机管理

type Host struct {
	Status   string
	Hostinfo []map[string]string
}

func (G *Global) LdapUserHost(w http.ResponseWriter, r *http.Request) {
	if r.Method == "GET" {
		G.Ldap.Config = G.Config.LdapConfig()
		if ldap_port, Err := strconv.Atoi(G.Ldap.Config["ldap_port"]); Err == nil {
			ldap_concatenon, Err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", G.Ldap.Config["ldap_addr"], ldap_port))
			if Err != nil {
				log.Println(Err)
				fmt.Fprint(w, Get_Json("Ldap服务器连接失败!"))
				return
			} else {
				if Err := ldap_concatenon.Bind(G.Ldap.Config["ldap_username"], G.Ldap.Config["ldap_password"]); Err != nil {
					log.Println(Err)
					fmt.Fprint(w, Get_Json("Ldap用户密码验证失败!"))
					return
				} else {
					G.Ldap.Conn = *ldap_concatenon
				}
			}

			defer ldap_concatenon.Close()
		} else {
			log.Println(Err)
			fmt.Fprint(w, Get_Json("Ldap配置错误!"))
			return
		}
		r.ParseForm()

		LdapUserHostAll := make([]map[string]string, 0)
		if Info, Err := G.Ldap.Search("uid="+r.Form.Get("uid")+","+G.Ldap.Config["ldap_user_dn"], "(&(objectClass=hostObject))", []string{"host"}); Err == nil {

			var Host_JSON Host
			Host_JSON.Status = "Success"
			if len(Info) == 0 {
				if _json, Err := json.Marshal(Host_JSON); Err == nil {
					fmt.Fprint(w, string(_json))
				}
			} else {
				for _, v := range Info[0].GetAttributeValues("host") {
					vmap := make(map[string]string)
					vmap["hostname"] = v
					LdapUserHostAll = append(LdapUserHostAll, vmap)
				}
				Host_JSON.Hostinfo = LdapUserHostAll
				if _json, Err := json.Marshal(Host_JSON); Err == nil {
					fmt.Fprint(w, string(_json))
				} else {
					log.Println(Err)
				}
			}
		} else {
			log.Println(Err.Error())
			fmt.Fprint(w, Get_Json("系统错误!"))

		}
	}
	if r.Method == "POST" {

		G.Ldap.Config = G.Config.LdapConfig()
		if ldap_port, Err := strconv.Atoi(G.Ldap.Config["ldap_port"]); Err == nil {
			ldap_concatenon, Err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", G.Ldap.Config["ldap_addr"], ldap_port))
			if Err != nil {
				log.Println(Err)
				fmt.Fprint(w, Get_Json("Ldap服务器连接失败!"))
				return
			} else {
				if Err := ldap_concatenon.Bind(G.Ldap.Config["ldap_username"], G.Ldap.Config["ldap_password"]); Err != nil {
					log.Println(Err)
					fmt.Fprint(w, Get_Json("Ldap用户密码验证失败!"))
					return
				} else {
					G.Ldap.Conn = *ldap_concatenon
				}
			}

			defer ldap_concatenon.Close()
		} else {
			log.Println(Err)
			fmt.Fprint(w, Get_Json("Ldap配置错误!"))
			return
		}

		if r.PostFormValue("type") == "del" {
			if Err := G.DelAttrtype("uid="+r.PostFormValue("uid")+","+G.Ldap.Config["ldap_user_dn"], "host", r.PostFormValue("hostname")); Err == nil {
				fmt.Fprint(w, Get_Json("Success"))
			} else {
				log.Println(Err.Error())
				fmt.Fprint(w, Get_Json("系统错误!"))
			}
		} else if r.PostFormValue("type") == "add" {
			if Info, Err := G.Ldap.Search("uid="+r.Form.Get("uid")+","+G.Ldap.Config["ldap_user_dn"], "(&(objectClass=hostObject))", []string{"host"}); Err == nil {
				for _, v := range Info[0].GetAttributeValues("host") {
					if v == r.PostFormValue("hostname") {
						fmt.Fprint(w, Get_Json("请勿重复添加!"))
						return
					}
				}
			}
			if Err := G.AddAttrtype("uid="+r.PostFormValue("uid")+","+G.Ldap.Config["ldap_user_dn"], "host", r.PostFormValue("hostname")); Err == nil {
				fmt.Fprint(w, Get_Json("添加成功!"))
			} else {
				log.Println(Err.Error())
				fmt.Fprint(w, Get_Json("系统错误!"))

			}
		}
	}
}

//VPN管理
type Vpn struct {
	Status  string
	Vpninfo []map[string]string
}

func (G *Global) LdapUserVpn(w http.ResponseWriter, r *http.Request) {
	if r.Method == "GET" {
		G.Ldap.Config = G.Config.LdapConfig()
		if ldap_port, Err := strconv.Atoi(G.Ldap.Config["ldap_port"]); Err == nil {
			ldap_concatenon, Err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", G.Ldap.Config["ldap_addr"], ldap_port))
			if Err != nil {
				log.Println(Err)
				fmt.Fprint(w, Get_Json("Ldap服务器连接失败!"))
				return
			} else {
				if Err := ldap_concatenon.Bind(G.Ldap.Config["ldap_username"], G.Ldap.Config["ldap_password"]); Err != nil {
					log.Println(Err)
					fmt.Fprint(w, Get_Json("Ldap用户密码验证失败!"))
					return
				} else {
					G.Ldap.Conn = *ldap_concatenon
				}
			}

			defer ldap_concatenon.Close()
		} else {
			log.Println(Err)
			fmt.Fprint(w, Get_Json("Ldap配置错误!"))
			return
		}
		r.ParseForm()
		LdapUserHostAll := make([]map[string]string, 0)
		if Info, Err := G.Ldap.Search("uid="+r.Form.Get("uid")+","+G.Ldap.Config["ldap_user_dn"], "(&(objectClass=hostObject))", []string{"title"}); Err == nil {
			var Json_Vpn Vpn
			Json_Vpn.Status = "Success"
			if len(Info) == 0 {
				if _json, Err := json.Marshal(Json_Vpn); Err == nil {
					fmt.Fprint(w, string(_json))
				} else {
					log.Println(Err.Error())
					fmt.Fprint(w, Get_Json("系统错误!"))
				}
			} else {
				for _, v := range Info[0].GetAttributeValues("title") {
					vmap := make(map[string]string)
					vmap["vpn"] = v
					LdapUserHostAll = append(LdapUserHostAll, vmap)
				}
				Json_Vpn.Vpninfo = LdapUserHostAll
				if _json, Err := json.Marshal(Json_Vpn); Err == nil {
					fmt.Fprint(w, string(_json))
				} else {
					log.Println(Err.Error())
					fmt.Fprint(w, Get_Json("系统错误!"))
				}
			}
		} else {
			log.Println(Err.Error())
			fmt.Fprint(w, Get_Json("系统错误!"))

		}
	}
	if r.Method == "POST" {

		G.Ldap.Config = G.Config.LdapConfig()
		if ldap_port, Err := strconv.Atoi(G.Ldap.Config["ldap_port"]); Err == nil {
			ldap_concatenon, Err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", G.Ldap.Config["ldap_addr"], ldap_port))
			if Err != nil {
				log.Println(Err)
				fmt.Fprint(w, Get_Json("Ldap服务器连接失败!"))
				return
			} else {
				if Err := ldap_concatenon.Bind(G.Ldap.Config["ldap_username"], G.Ldap.Config["ldap_password"]); Err != nil {
					log.Println(Err)
					fmt.Fprint(w, Get_Json("Ldap用户密码验证失败!"))
					return
				} else {
					G.Ldap.Conn = *ldap_concatenon
				}
			}

			defer ldap_concatenon.Close()
		} else {
			log.Println(Err)
			fmt.Fprint(w, Get_Json("Ldap配置错误!"))
			return
		}

		if r.PostFormValue("type") == "del" {
			if Err := G.DelAttrtype("uid="+r.PostFormValue("uid")+","+G.Ldap.Config["ldap_user_dn"], "title", r.PostFormValue("vpn_name")); Err == nil {
				fmt.Fprint(w, Get_Json("Success"))
			} else {
				log.Println(Err.Error())
				fmt.Fprint(w, Get_Json("系统错误!"))
			}
		} else if r.PostFormValue("type") == "add" {

			if Info, Err := G.Ldap.Search("uid="+r.Form.Get("uid")+","+G.Ldap.Config["ldap_user_dn"], "(&(objectClass=hostObject))", []string{"title"}); Err == nil {
				for _, v := range Info[0].GetAttributeValues("title") {
					if v == r.PostFormValue("vpn_name") {
						fmt.Fprint(w, Get_Json("请勿重复添加!"))
						return
					}
				}
			}
			if Err := G.AddAttrtype("uid="+r.PostFormValue("uid")+","+G.Ldap.Config["ldap_user_dn"], "title", r.PostFormValue("vpn_name")); Err == nil {
				fmt.Fprint(w, Get_Json("添加成功!"))
			} else {
				log.Println(Err.Error())
				fmt.Fprint(w, Get_Json("系统错误!"))
			}
		}
	}
}

//分组管理首页
func (G *Global) LdapGroup(w http.ResponseWriter, r *http.Request) {
	G.Ldap.Config = G.Config.LdapConfig()
	if ldap_port, Err := strconv.Atoi(G.Ldap.Config["ldap_port"]); Err == nil {
		ldap_concatenon, Err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", G.Ldap.Config["ldap_addr"], ldap_port))
		if Err != nil {
			log.Println(Err)
			fmt.Fprint(w, Get_Json("Ldap服务器连接失败!"))
			return
		} else {
			if Err := ldap_concatenon.Bind(G.Ldap.Config["ldap_username"], G.Ldap.Config["ldap_password"]); Err != nil {
				log.Println(Err)
				fmt.Fprint(w, Get_Json("Ldap用户密码验证失败!"))
				return
			} else {
				G.Ldap.Conn = *ldap_concatenon
			}
		}

		defer ldap_concatenon.Close()
	} else {
		log.Println(Err)
		fmt.Fprint(w, Get_Json("Ldap配置错误!"))
		return
	}
	ObjectClass := "(&(objectClass=posixGroup)(objectClass=top))"
	Attributes := []string{"description", "cn", "gidNumber"}
	LdapGroupAll := make([]map[string]string, 0)
	if Info, Err := G.Ldap.Search(G.Ldap.Config["ldap_group_dn"], ObjectClass, Attributes); Err == nil {
		for _, entry := range Info {
			vmap := make(map[string]string)

			vmap["description"] = entry.GetAttributeValue("description")
			vmap["cn"] = entry.GetAttributeValue("cn")
			vmap["gidNumber"] = entry.GetAttributeValue("gidNumber")
			LdapGroupAll = append(LdapGroupAll, vmap)
		}
	}
	out := map[string]interface{}{"Global": G, "LdapGroupAll": LdapGroupAll}
	t, template_err := template.ParseFiles("templates/ldap/group.html", "templates/common/head.html", "templates/common/foot.html")
	if template_err != nil {
		log.Println(template_err.Error())
		fmt.Fprintf(w, template_err.Error())
	} else {
		t.Execute(w, out)
	}
}

//编辑分组
func (G *Global) LdapGroupEdit(w http.ResponseWriter, r *http.Request) {
	if r.Method == "GET" {
		http.Redirect(w, r, "/ldap/group", http.StatusFound)
	}
	if r.Method == "POST" {
		G.Ldap.Config = G.Config.LdapConfig()
		if ldap_port, Err := strconv.Atoi(G.Ldap.Config["ldap_port"]); Err == nil {
			ldap_concatenon, Err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", G.Ldap.Config["ldap_addr"], ldap_port))
			if Err != nil {
				log.Println(Err)
				fmt.Fprint(w, Get_Json("Ldap服务器连接失败!"))
				return
			} else {
				if Err := ldap_concatenon.Bind(G.Ldap.Config["ldap_username"], G.Ldap.Config["ldap_password"]); Err != nil {
					log.Println(Err)
					fmt.Fprint(w, Get_Json("Ldap用户密码验证失败!"))
					return
				} else {
					G.Ldap.Conn = *ldap_concatenon
				}
			}

			defer ldap_concatenon.Close()
		} else {
			log.Println(Err)
			fmt.Fprint(w, Get_Json("Ldap配置错误!"))
			return
		}
		DN := "cn=" + r.PostFormValue("cn") + "," + G.Ldap.Config["ldap_group_dn"]
		if Err := G.Ldap.ModifAttrtype(DN, "description", r.PostFormValue("description")); Err == nil {
			fmt.Fprint(w, Get_Json("Success"))
		} else {
			log.Println(Err)
			fmt.Fprint(w, Get_Json("编辑失败!"))
		}
	}
}

//删除分组
func (G *Global) LdapGroupDel(w http.ResponseWriter, r *http.Request) {
	if r.Method == "GET" {
		http.Redirect(w, r, "/ldap/group", http.StatusFound)
	}
	if r.Method == "POST" {
		G.Ldap.Config = G.Config.LdapConfig()
		if ldap_port, Err := strconv.Atoi(G.Ldap.Config["ldap_port"]); Err == nil {
			ldap_concatenon, Err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", G.Ldap.Config["ldap_addr"], ldap_port))
			if Err != nil {
				log.Println(Err)
				fmt.Fprint(w, Get_Json("Ldap服务器连接失败!"))
				return
			} else {
				if Err := ldap_concatenon.Bind(G.Ldap.Config["ldap_username"], G.Ldap.Config["ldap_password"]); Err != nil {
					log.Println(Err)
					fmt.Fprint(w, Get_Json("Ldap用户密码验证失败!"))
					return
				} else {
					G.Ldap.Conn = *ldap_concatenon
				}
			}

			defer ldap_concatenon.Close()
		} else {
			log.Println(Err)
			fmt.Fprint(w, Get_Json("Ldap配置错误!"))
			return
		}
		if Err := G.Ldap.Del("cn=" + r.PostFormValue("cn") + "," + G.Ldap.Config["ldap_group_dn"]); Err == nil {
			fmt.Fprint(w, Get_Json("Success"))
		} else {
			log.Println(Err.Error())
			fmt.Fprint(w, Get_Json("删除失败!"))
		}
	}
}

//添加分组
func (G *Global) LdapGroupAdd(w http.ResponseWriter, r *http.Request) {
	if r.Method == "GET" {
		http.Redirect(w, r, "/ldap/group", http.StatusFound)
	}
	if r.Method == "POST" {
		G.Ldap.Config = G.Config.LdapConfig()
		if ldap_port, Err := strconv.Atoi(G.Ldap.Config["ldap_port"]); Err == nil {
			ldap_concatenon, Err := ldap.Dial("tcp", fmt.Sprintf("%s:%d", G.Ldap.Config["ldap_addr"], ldap_port))
			if Err != nil {
				log.Println(Err)
				fmt.Fprint(w, Get_Json("Ldap服务器连接失败!"))
				return
			} else {
				if Err := ldap_concatenon.Bind(G.Ldap.Config["ldap_username"], G.Ldap.Config["ldap_password"]); Err != nil {
					log.Println(Err)
					fmt.Fprint(w, Get_Json("Ldap用户密码验证失败!"))
					return
				} else {
					G.Ldap.Conn = *ldap_concatenon
				}
			}

			defer ldap_concatenon.Close()
		} else {
			log.Println(Err)
			fmt.Fprint(w, Get_Json("Ldap配置错误!"))
			return
		}
		if Err := G.Ldap.LdapGroupADD(r.PostFormValue("cn"), r.PostFormValue("description")); Err == nil {
			fmt.Fprint(w, Get_Json("Success"))
		} else {
			log.Println(Err.Error())
			fmt.Fprint(w, Get_Json("添加失败!"))
		}
	}
}
